Suspected LulzSec hacker arrested in Australia could face 12 years in jail

April 23, 2013: In this photo provided by the Australian Federal Police, a handcuffed man is escorted by police following his arrest on a charge of attacking and defacing a government website. The Australian man, who police say has claimed to be a high-level member of international hacking collective Lulz Security, was charged with two counts of unauthorized modification of data to cause impairment, and one count of unauthorized access to, or modification of, restricted data.
(AP/Australian Federal Police)

SYDNEY – Australian police have arrested a man they say is affiliated with international hacking collective Lulz Security on a charge of attacking and defacing a government website, officials said Wednesday.

The 24-year-old senior IT worker, whose name was not released, was arrested on Tuesday night at his Sydney office, the Australian Federal Police said. The man, who police say has claimed to be a high-level member of the hacking group, was charged with two counts of unauthorized modification of data to cause impairment, and one count of unauthorized access to, or modification of, restricted data. If convicted, he could face up to 12 years in jail.

Lulz Security, or LulzSec, is an offshoot of the hacking group Anonymous. LulzSec was formed in 2011 and quickly grabbed headlines after claiming responsibility for a series of high-profile cyberattacks against the CIA, Sony Pictures, the U.S. Public Broadcasting Service and Britain's Serious Organized Crime Agency.

Several members of the group have been arrested in recent years, including its reputed leader, known as Sabu. Sabu turned out to be FBI informant Hector Xavier Monsegur, who federal officials said helped them build a case against several other hackers. Two weeks ago, British LulzSec hacker Ryan Ackroyd pleaded guilty to several cyberattacks.

Australian Federal Police Superintendent Brad Marden said the man arrested on Tuesday hacked into an Australian government website and defaced it earlier this month. Marden would not say which website was attacked, but said it did not belong to a federal agency. Police don't believe any sensitive data stored on the site was accessed in the attack, and don't believe anyone else was involved in the hack.

The man, from Gosford — about 80 kilometers (50 miles) north of Sydney — claimed to be the Australian leader of LulzSec, Australian Federal Police Commander Glen McEwen said. But Anonymous Australia appeared to laugh off those claims on Twitter. In response to a follower asking if anyone knew who the man was, the group tweeted: "Nope not part of the usual suspects on any of our chans of communication."

Police began investigating the man two weeks ago after they discovered the government website had been hacked.

"This individual was operating from a position of trust who had access to sensitive information from clients including government agencies," McEwen said. "The AFP believes this man's skill sets and access to this type of information presented a considerable risk for Australian society."

The man was released on bail and ordered to appear in court next month.